Re: Newbie with a smallbiz2000 installation, check my config?
From: rcunningham8820 (rcunningham8820_at_yahoo.com)
Date: 04/14/04
- Next message: Javier Gomez [SBS MVP]: "Re: XP Firewall(?) problem"
- Previous message: Eddie Allen: "Re: Export/Copy Exchange User Mailboxes and Public Folders"
- In reply to: Chad A. Gross [SBS MVP]: "Re: Newbie with a smallbiz2000 installation, check my config?"
- Messages sorted by: [ date ] [ thread ]
Date: 14 Apr 2004 13:23:25 -0700
Awesome! I've gone from crying to smiling!
I didn't know what you meant by GPOs, but a little research later I
got it. I had a little trouble getting it to work for existing users
but I think I've figured it out. I created a D:\Home folder and
shared it with everyone having privledges then I setup the GPO
(created a new one) and specified the \\server\share\%username% and it
works. I was confused at first cause it still looked like it was on
the hard drive but when I double-clicked on the My Pictures folder it
showed the right path, horray!
Is it ok that I'm using the home folder instead of the \\server\users
share?
I read somewhere that (they were using roaming profiles) you shouldn't
store the redirected folders and offline files on the same server. Is
that true? I'm going to have 3 laptop users that want offline files.
Should they be using the same policy that redirects their files and
then should I also setup an offline file folder on their workstation?
I tested VPN last night like you directed (Chad) and it worked. I
tested vpn both ways and one direction it would only connect and test
one time. I had to exit those utilities and relaunch them for it to
test again (successful). I did that 3 times, all with the same
result!? I'm not too worried about that cause I thought it might be a
problem witht the utilities or my connection which will be different
that my lab anyway.
Can you point me to some material on setting up the VPN on sbs2000? I
read somewhere not to use Routing and Remote... I think it said use
ISA so I'm tempted on going through the ISA/Network
Configuration/Configure a Local VPN option? Is that right? Anything
I need to watch for? Are there any walkthroughs for my setup or good
docs you could recommend?
Your awesome, thanks again!
"Chad A. Gross [SBS MVP]" <chad.gross@laytonflower.nospam.com> wrote in message news:<udrLm5eIEHA.3032@TK2MSFTNGP09.phx.gbl>...
> Oops - just realized that we're working with SBS2k here, so no wizard for
> redirecting My Documents . . . but that's no biggie, we can still do it via
> GPOs . . .
>
> --
>
> Chad A. Gross - SBS MVP
> SBS ROCKS!
>
> Chad A. Gross [SBS MVP] wrote:
> > We're definitely getting close to having all the kinks worked out . .
> > .
> > As for user profiles, you don't necessarily get a '.domain' behind
> > every domain profile. For example, let's say you have a domain user
> > ( john.doe). The first time John logs on to a W2k / XP workstation,
> > Windows creates a profile path under Documents & Settings. It first
> > tries to create a folder using just the username (e.g. john.doe) - if
> > a folder with that name already exists (maybe a local user with the
> > same name, profile from previous domain, etc.), it will then try
> > username.domain (e.g. john.doe.company). If that already exists, it
> > will try username.000. If that exists, it will then try username.001
> > and so on until it can create a new unique folder for the profile. So,
> > just because you don't see .domain behind a profile folder
> > doesn't mean you don't have a profile for that domain user. Make
> > sense?
> > On to shares . . . Ok, the share you created - did you share an
> > existing folder, or create a new folder then share it? On your
> > server, open the properties for this folder, and ensure that you have
> > proper permissions both under Share Permissions and under the
> > Security tab. If you don't have necessary permissions under both,
> > you won't be able to access the share.
> > Adding domain users to workstations: You don't have to do anything
> > special there. All users have to do is log in. Granted, the first
> > time they log in, they may have to set up Outlook to use Exchange,
> > but nothing too difficult by any means . . . :^)
> >
> > As for roaming profiles, I'm not a big fan of them - especially in
> > any sort of mixed environment. What you can do with SBS2k & SBS2k3
> > is to use Folder Redirection instead of Roaming Profiles. This let's
> > you redirect key folders from a user's profile to a location on your
> > server. At a minimum I would recommend redirecting users' My
> > Documents folder - for two reasons. 1) this puts their My Documents
> > on the server, which means they get backed up with the rest of the
> > server every night. 2) When users do log in on a different PC, they
> > still have access to their My Documents folder. Additionally, you can
> > also redirect users' Application Data, Startup & Desktop folders as
> > well. SBS2k3 provides a wizard to redirect users' My Documents
> > folder - Open Server Management, click on Backup, and on the left is
> > a link for "Configure My Documents Redirection". If you want to
> > redirect Application Data, Startup and/or Desktop folders, you'll
> > have to do that via Group Policies, but it's pretty straight forward
> > . . .
> > If you need anything else, just post back. :^) HTH!
> >
> >
> > rcunningham8820 wrote:
> >> Ok, great I'll ignore those errors, thank you for the article!
> >>
> >> Yes, the server is now setup with ad, exchange, isa, Symantec
> >> Antivirus SBS, Backup Exec! Everything is working reasonably
> >> well...wait, hurry, backup!!! :O)
> >>
> >> I'm able to access web and email from the clients fine, (haven't
> >> tackled VPN yet). I'll refrain from accessing the web and such from
> >> the server.
> >>
> >> I'm having another problem but I don't really know what to call it. I
> >> setup a share on the server, gave my domain account full access to
> >> it and setup my user account to mount it as M upon login. That works,
> >> drive M:\ shows up in My Computer on my Windows 2000 Pro workstaion
> >> but when I double-click the icon it says "M:\ is not accessible".
> >> When I explore I notice the user profile under the Documents and
> >> Settings folder is not followed by a ".domain". What am I doing
> >> wrong? I notice there is a Administrator.xyz profile I'm guessing was
> >> created with the SCW disk. Do you have to run SCW for each user
> >> account you add to the computer? I am logging on to the domain and
> >> not local. Do you have any urls that can tell me the correct way to
> >> add domain users/profiles to workstations? I haven't been able to
> >> find anything good.
> >>
> >> If we are going to have users mainly use one computer and not other
> >> computers is there any other benefit to roaming profiles? The
> >> organization will have all Windows 2000 workstations with the
> >> acception of a couple XP Pros.
> >>
> >> I really do appreciate your help Chad, SBS wouldn't rock without you!
> >>> O)
> >>
> >> I hope I've explained where it makes sense!
> >>
> >>
> >> "Chad A. Gross [SBS MVP]" <chad.gross@laytonflower.nospam.com> wrote
> >> in message news:<ezfWnnbIEHA.3720@tk2msftngp13.phx.gbl>...
> >>> Ok -
> >>>
> >>> All of those error can be ignored - that's just SBS tripping over
> >>> it's own
> >>> feet as it starts up. (The Exchange services are calling AD during
> >>> startup,
> >>> but AD hasn't completely loaded yet, since Exchange is running on
> >>> our only
> >>> DC) . . .
> >>> http://support.microsoft.com/default.aspx?scid=kb;en-us;Q322837
> >>>
> >>> As for running Windows Update from the server, it's usually best to
> >>> stop
> >>> your Exchange & SQL services first - that will greatly increase your
> >>> success
> >>> rate and minimize unwanted side-effects.
> >>>
> >>> As for posting to the newsgroup via the web interface, are you
> >>> trying to
> >>> post from the server or a workstation? Best practice is not to
> >>> browse from
> >>> the server . . . On a slightly related topic, have you installed
> >>> the firewall client on the workstations? (I'm assuming you have ISA
> >>> installed
> >>> since you indicated you needed to set the browser to use port 8080)
> >>> . . .
> >>>
> >>> --
> >>>
> >>> Chad A. Gross - SBS MVP
> >>> SBS ROCKS!
> >>>
> >>> rcunningham8820 wrote:
> >>>> Thank you for your help Chad, I'm making some progress. I've
> >>>> reinstalled SBS and tried my best to follow the wizards and the
> >>>> docs you referred me to. I have ISA loaded and plan on using it. Two
> >>>> nics
> >>>> in the server, configured one for the internal network and one for
> >>>> the
> >>>> Interent. I've got a workstation pulling up web pages through the
> >>>> SBS (that was a stupid mistake...client wasn't configured to use
> >>>> port 8080). I've yet to tackle VPN. I'm getting hung up with some
> >>>> services that don't start, the first few messages in event log:
> >>>>
> >>>> Event Type: Error
> >>>> Event Source: MSExchangeDSAccess
> >>>> Event Category: Topology
> >>>> Event ID: 2104
> >>>> Date: 4/13/2004
> >>>> Time: 12:25:57 PM
> >>>> User: N/A
> >>>> Computer: ARMSTRONG1
> >>>> Description:
> >>>> Process INETINFO.EXE (PID=1516). All the DS Servers in domain are
> >>>> not
> >>>> responding.
> >>>>
> >>>> Event Type: Error
> >>>> Event Source: MSExchangeDSAccess
> >>>> Event Category: Topology
> >>>> Event ID: 2102
> >>>> Date: 4/13/2004
> >>>> Time: 12:26:01 PM
> >>>> User: N/A
> >>>> Computer: ARMSTRONG1
> >>>> Description:
> >>>> Process MAD.EXE (PID=1280). All Domain Controller Servers in use
> >>>> are not responding:
> >>>> armstrong1.armstronginc.local
> >>>>
> >>>> Event Type: Error
> >>>> Event Source: MSExchangeAL
> >>>> Event Category: Service Control
> >>>> Event ID: 8250
> >>>> Date: 4/13/2004
> >>>> Time: 12:26:03 PM
> >>>> User: N/A
> >>>> Computer: ARMSTRONG1
> >>>> Description:
> >>>> The Win32 API call 'DsGetDCNameW' returned error code [0x862] The
> >>>> specified component could not be found in the configuration
> >>>> information. The service could not be initialized. Make sure that
> >>>> the operating system was installed properly.
> >>>>
> >>>> ...The last error happens 3 times total about 5 seconds apart.
> >>>>
> >>>> I've tried several "DependOnService" entries but it always seems to
> >>>> cause another error. I've loaded the system enough to know I'm
> >>>> making
> >>>> the same mistake every time. When the server comes up and fails, I
> >>>> am
> >>>> able to start the services then.
> >>>>
> >>>> Is there anyway to just make a service wait a while before it tries
> >>>> to
> >>>> start?
> >>>>
> >>>> On another note, last night I tried to do a windows update and I
> >>>> selected all the critical updates except the IE 6 because it "had
> >>>> to be done seperately". The server locked down. Is there anything
> >>>> 'special' I should know about Windows Update?
> >>>>
> >>>> When posting this message to the newsgroups it told me that the
> >>>> page couldn't be found. Could ISA be blocking the /post page of
> >>>> google? Thanks in advance!
> >>>>
> >>>>
> >>>> "Chad A Gross [SBS-MVP]" <chad.gross@laytonflower.nospam.com> wrote
> >>>> in message news:<#zcLuTFIEHA.2064@TK2MSFTNGP10.phx.gbl>...
> >>>>> MS VPN uses PPTP (Point-to-Point Tunnelling Protocol), which
> >>>>> communicates
> >>>>> using port 1723. You will need to ensure that any routers between
> >>>>> your
> >>>>> server and the remote VPN client allow for GRE packets to be
> >>>>> passed.
> >>>>> This
> >>>>> is usually listed as VPN pass-thru on most routers - on some
> >>>>> higher end
> >>>>> routers (Cisco's, Netopia's, etc) you will most likely need to
> >>>>> enter
> >>>>> a
> >>>>> routing rule to allow for GRE (protocol 47) packets . . .
> >>>>>
> >>>>> You can test PPTP VPN functionality using the pptpsvr & pptpclnt
> >>>>> utilities
> >>>>> found in pptpping from the Windows Resource Kit. You can download
> >>>>> pptpping.zip from Wayne's site: http://www.sbsfaq.com/Files/
> >>>>>
> >>>>> --
> >>>>> Chad A. Gross [SBS-MVP]
> >>>>>
> >>>>> SBS ROCKS!!!
> >>>>>
> >>>>> "rcunningham8820" <rcunningham8820@yahoo.com> wrote in message
> >>>>> news:2de05d67.0404112157.338e6516@posting.google.com...
> >>>>>> Thank you for your quick reply. I'm going to reinstall and do
> >>>>>> what
> >>>>>> you said maybe I can get it right this time.
> >>>>>>
> >>>>>> Later, I'll have a remote office with a W2K Pro workstation
> >>>>>> connected
> >>>>>> to broadband. I'll want them to be a VPN client connected to
> >>>>>> this main office. Does the MS VPN solution require anything
> >>>>>> special with
> >>>>>> regards to the ISP or router equipment? I've seen VPN
> >>>>>> passthrough options on routers so I'll bet I've got to do
> >>>>>> something there. Are
> >>>>>> there any online tools to test VPN capabilities or will I just
> >>>>>> have
> >>>>>> to
> >>>>>> wait until the server is in place?
> >>>>>>
> >>>>>> Thanks again!
> >>>>>>
> >>>>>> "Chad A Gross [SBS-MVP]" <chad.gross@laytonflower.nospam.com>
> >>>>>> wrote
> >>>>>> in
> message news:<#3llVkDIEHA.2676@TK2MSFTNGP10.phx.gbl>...
> >>>>>>> First - I'll say right away that I don't like the idea of
> >>>>>>> multi-homing
> each
> >>>>>>> WS. That is just going to cause undo headaches. I personally
> >>>>>>> prefer
> using
> >>>>>>> a multi-homed SBS, with the Netgear router between the external
> >>>>>>> nic on
> the
> >>>>>>> SBS & internet connection.
> >>>>>>>
> >>>>>>> http://www.smallbizserver.net/DesktopDefault.aspx?tabid=52
> >>>>>>>
> >>>>>>> Alternatively, if you don't want to use ISA (although I
> >>>>>>> recommend using
> it),
> >>>>>>> you can just attach your SBS to your existing network without
> multi-homing.
> >>>>>>> Just be sure to disable DHCP on the router and change it's IP to
> >>>>>>> 192.168.16.1 (default IP for an SBS2k is 192.168.16.2). Then,
> >>>>>>> you'll
> just
> >>>>>>> need to change the router option in the DHCP scope on your SBS
> >>>>>>> to point
> to
> >>>>>>> the router's IP . . . Either way, you life will be much easier
> >>>>>>> in the
> long
> >>>>>>> run if you don't multi-home the workstations and let the SBS
> >>>>>>> handle
> DHCP,
> >>>>>>> DNS, etc.
> >>>>>>>
> >>>>>>> As for setting us SBS itself, use the wizards - they are the
> >>>>>>> quickest
> and
> >>>>>>> easiest way to ensure a proper configuration. If the SBS has
> >>>>>>> more
> >>>>>>> than
> one
> >>>>>>> nic, you'll need to manually set the binding order of the nics
> >>>>>>> (LAN nic
> >>>>>>> should be listed first). Once you've completed the
> >>>>>>> installation,
> complete
> >>>>>>> the items in the To Do List in order, and you'll be good to go.
> >>>>>>> Make
> sure
> >>>>>>> that all clients are pointing to your SBS (and *only* the SBS)
> >>>>>>> for
> >>>>>>> DNS.
> >>>>>>>
> >>>>>>> As for ISA - check out
> >>>>>>> http://www.smallbizserver.net/DesktopDefault.aspx?tabid=91
> >>>>>>>
> >>>>>>> --
> >>>>>>> Chad A. Gross [SBS-MVP]
> >>>>>>>
> >>>>>>> SBS ROCKS!!!
> >>>>>>>
> >>>>>>> "rcunningham8820" <rcunningham8820@yahoo.com> wrote in message
> >>>>>>> news:2de05d67.0404111821.4dd71191@posting.google.com...
> >>>>>>>> I've been thrust into a situation where I have to setup a
> >>>>>>>> smallbiz2000
> >>>>>>>> server, with little time and no training. Please tell me if
> >>>>>>>> there are
> >>>>>>>> any errors in my thought or any potiential long term planning
> >>>>>>>> issues
> >>>>>>>> with the say I plan on doing this? TIA, here is my proposed
> >>>>>>>> configuration:
> >>>>>>>>
> >>>>>>>> Existing is 13 Windows 2000 Professional workstations (with MS
> >>>>>>>> Office
> >>>>>>>> XP Pro and Outlook) configured to the Internet through a
> >>>>>>>> broadband
> >>>>>>>> gateway (NetGear or something like it) who's ip is 192.168.1.1
> >>>>>>>> and all
> >>>>>>>> the clients are DHCP.
> >>>>>>>>
> >>>>>>>> I've had numerous troubles with installing smallbiz2000.
> >>>>>>>> Configuring
> >>>>>>>> ISA was the straw that broke my back, so I thought my easiest
> >>>>>>>> solution
> >>>>>>>> was a multihomed network configuration. Each workstation's NIC
> >>>>>>>> will
> >>>>>>>> be configured with two ip addresses one on the gateway's subnet
> >>>>>>>> and
> >>>>>>>> one for the subnet that the server is on. I'll configure the
> >>>>>>>> server
> >>>>>>>> with an ip 10.0.0.100 (I'm using 10.0.0.100 only because on the
> >>>>>>>> 192.168.1.x network it is .100 also)
> >>>>>>>>
> >>>>>>>> The smallbiz2000 server will be Active Directory enabled,
> >>>>>>>> running
> >>>>>>>> Exchange Server (full schedule, task, contact sharing, etc.)
> >>>>>>>> and Network fax and file sharing.
> >>>>>>>>
> >>>>>>>> I've set this configuration up on a lab setting and everything
> >>>>>>>> seems
> >>>>>>>> to work fine. I'm concerned with two issues down the line.
> >>>>>>>> First
> >>>>>>>> question/issue, we're going to want VPN so can I add say a
> >>>>>>>> linksys
> >>>>>>>> BEFVP41 at this location and one at a remote location with a
> >>>>>>>> W2K Pro
> >>>>>>>> workstation without any issues? The other question/issue is if
> >>>>>>>> the
> >>>>>>>> workstations will reliably be able to see the server for Active
> >>>>>>>> Directory issues. Is this config ok? Any help is greatly
> >>>>>>>> appreciated!
- Next message: Javier Gomez [SBS MVP]: "Re: XP Firewall(?) problem"
- Previous message: Eddie Allen: "Re: Export/Copy Exchange User Mailboxes and Public Folders"
- In reply to: Chad A. Gross [SBS MVP]: "Re: Newbie with a smallbiz2000 installation, check my config?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
